package com.erp.generic.service.impl;

import java.util.Map;

import com.erp.generic.utils.PasswordEncryptor;

public class AuthorizationProcessor extends BaseAuthenticationProcessor {

	public boolean verifyPassword(String userId, String password,
			Map<String, String> sessionDetMap) throws Exception {

		String databasePassword = null;
		boolean validPassword = false;
		/*UserBO userBo = getUserBo(userId);
		databasePassword = userBo.getPassword();

		String sessionId = sessionDetMap.get("oldSessionId");
		databasePassword = getSaltedPassword(sessionId, databasePassword);

		if (password.equals(databasePassword)) {
			validPassword = true;
		}*/
		return validPassword;
	}

	/*private UserBO getUserBo(String userId) throws Exception {
		Session session = HibernateUtil.openSession();

		String strQuery = "from " + UserBO.class.getName()
				+ " where userId = :userId";

		Query query = session.createQuery(strQuery);
		query.setParameter("userId", userId);

		@SuppressWarnings("unchecked")
		List<UserBO> users = query.list();

		if (users.size() == 0)
			throw new Exception();

		final UserBO userBO = users.get(0);
		return userBO;

	}*/

	protected String getSaltedPassword(String sessionId, String databasePassword) {
		if (sessionId != null && !sessionId.equals(""))
			databasePassword += new PasswordEncryptor()
					.generateEncryptedPassword(sessionId);

		// double encrypted password
		databasePassword = new PasswordEncryptor()
				.generateEncryptedPassword(databasePassword);
		return databasePassword;
	}

}
